ThePeGaSuS
57 lines
1.7 KiB
Caddyfile
57 lines
1.7 KiB
Caddyfile
# Caddyfile — Cathode + WeeChat relay reverse proxy
|
|
#
|
|
# This config does two things:
|
|
# 1. Serves the Cathode static files at the root
|
|
# 2. Proxies /api/* to WeeChat's relay (API protocol) with WebSocket support
|
|
#
|
|
# Caddy handles TLS automatically (Let's Encrypt) when you use a real domain.
|
|
# Replace cathode.example.com with your actual domain.
|
|
|
|
cathode.example.com {
|
|
|
|
# Serve Cathode static files
|
|
root * /var/www/cathode
|
|
file_server
|
|
|
|
# Proxy WeeChat relay API (REST + WebSocket)
|
|
# WeeChat listens on localhost:9000 — adjust if needed
|
|
handle /api* {
|
|
reverse_proxy localhost:9000 {
|
|
# Pass the real client IP to WeeChat
|
|
header_up X-Real-IP {remote_host}
|
|
|
|
# Required for WebSocket upgrade
|
|
transport http {
|
|
# If WeeChat relay uses a self-signed cert on localhost,
|
|
# disable verification for the backend connection
|
|
# tls_insecure_skip_verify
|
|
}
|
|
}
|
|
}
|
|
|
|
# Security headers
|
|
header {
|
|
X-Content-Type-Options nosniff
|
|
X-Frame-Options DENY
|
|
Referrer-Policy strict-origin-when-cross-origin
|
|
}
|
|
|
|
# Optional: enable compression for static assets
|
|
encode gzip
|
|
}
|
|
|
|
|
|
# ── Local / LAN setup (no domain, plain HTTP) ────────────────────────────────
|
|
# If you're running on a LAN and don't have a domain, use this instead.
|
|
# Note: browsers will require ws:// (not wss://) and you must uncheck TLS
|
|
# in Cathode's connect screen.
|
|
#
|
|
# :8080 {
|
|
# root * /var/www/cathode
|
|
# file_server
|
|
#
|
|
# handle /api* {
|
|
# reverse_proxy localhost:9000
|
|
# }
|
|
# }
|